Hello,
I set up an OpenVPN server using a virtual machine on CentOS 6.
My server has two interfaces:
- eth0 on WAN
- eth1 with the IP 10.72.11.212.
Once connected with my laptop I can ping and ssh the servers in the 10.72.11.0 subnet. I also need to be able to reach other subnets such as 10.72.10.0/24 and 10.72.13.0/24.
I added the routes in /etc/sysconfig/network-scripts/route-eth1 on the server.
10.72.10.0/24 via 10.72.11.1 dev eth1
10.72.11.0/24 via 10.72.11.1 dev eth1
10.72.13.0/24 via 10.72.11.1 dev eth1
10.72.16.0/24 via 10.72.11.1 dev eth1
From the openvpn server I can now reach these networks.
I added the routes in my openvpn.conf file:
push "route 192.168.101.0 255.255.255.0"
push "route 10.72.11.0 255.255.255.0"
push "route 10.72.10.0 255.255.255.0"
push "route 10.72.13.0 255.255.255.0"
push "route 10.72.16.0 255.255.255.0"
From the laptop however I can only reach the 10.72.11.x addresses.
At first it wouldn't work so I added the masquerade rule in my iptables:
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
I allowed packets from TUN devices:
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A FORWARD -o tun+ -j ACCEPT
But I can't ping any server on the 10.72.10.x, 10.72.13.x, etc. subnets.
Any idea how I can achieve this?
Thank you!
[Solved] problem reaching lan
-
- OpenVpn Newbie
- Posts: 3
- Joined: Fri Jun 02, 2017 11:50 pm
Re: problem reaching lan
Solved. I had one iptables rule dropping packets to these networks... silly me
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: problem reaching lan
We all make mistakes. Thanks for letting us know.
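
The failure mode reported in this thread, as an added example that is not part of the original posts: iptables evaluates a chain top to bottom, so a DROP that already sits in FORWARD wins over ACCEPT rules appended later with -A. The sketch below checks each pushed route against an `iptables-save` style ruleset; the sample ruleset, the function names and the tun0/eth1 traffic direction are assumptions, and the thread does not say which chain held the offending rule.

```python
import ipaddress
import re

# Constructed iptables-save sample (not from the thread): DROPs precede the tun+ ACCEPTs.
SAMPLE_RULES = """\
-A FORWARD -d 10.72.10.0/24 -j DROP
-A FORWARD -d 10.72.12.0/22 -j DROP
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -o tun+ -j ACCEPT
"""
# The push directives quoted in the first post.
SAMPLE_CONF = """\
push "route 192.168.101.0 255.255.255.0"
push "route 10.72.11.0 255.255.255.0"
push "route 10.72.10.0 255.255.255.0"
push "route 10.72.13.0 255.255.255.0"
push "route 10.72.16.0 255.255.255.0"
"""
SUPPORTED = {"-A", "-i", "-o", "-d", "-j", "--reject-with"}

def pushed_routes(conf):
    pairs = re.findall(r'^\s*push\s+"route\s+(\S+)\s+(\S+)"', conf, re.M)
    return [ipaddress.ip_network(f"{net}/{mask}") for net, mask in pairs]

def forward_rules(text):
    # iptables-save emits flag/value pairs; rules using -s, -p, -m or "!" are skipped.
    opts = [(l, dict(zip(l.split()[0::2], l.split()[1::2]))) for l in text.splitlines()]
    return [(l, o) for l, o in opts if o.get("-A") == "FORWARD"
            and set(o) <= SUPPORTED and o.get("-j") in ("ACCEPT", "DROP", "REJECT")]

def if_match(pattern, name):  # a trailing "+" is a prefix wildcard: tun+ matches tun0
    return name.startswith(pattern[:-1]) if pattern.endswith("+") else name == pattern

def first_verdict(rules, net, in_if="tun0", out_if="eth1"):
    # First match wins, so an earlier DROP beats an ACCEPT appended later with -A.
    for line, opt in rules:
        dst = ipaddress.ip_network(opt.get("-d", "0.0.0.0/0"), strict=False)
        if (if_match(opt.get("-i", "+"), in_if) and if_match(opt.get("-o", "+"), out_if)
                and dst.overlaps(net)):
            return opt["-j"], line
    return "POLICY", None  # nothing matched: the chain's default policy decides

def audit(conf, rules_text):
    rules = forward_rules(rules_text)
    return {str(net): first_verdict(rules, net) for net in pushed_routes(conf)}

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF, SAMPLE_RULES).items(), sep="\n")
```

On a live server the second argument would be the output of `iptables-save`; a route reported as DROP or REJECT points at the rule to delete or to place the ACCEPT ahead of.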